The development of events marked a shift in the relations between Iran and the United States after the countries negotiated a nuclear treaty. Media reports did link the hack to the Islamic Republic, but the indictment against the Iranians has been sitting on Justice Department shelves for more than a year before being partly released. It turned out that specific Iranians were accused of engaging in cyber attacks against critical infrastructure of the United States. The men, linked to Iranian tech firms, were accused of blocking access to 46 American financial institution websites, including PNC, Bank of America, NYSE and Capital One.
The DDoS attacks were carried out by bombarding the bank sites with useless traffic from drone machines, disabling access for customers. They are the equivalent of a telephone’s busy signal, and remediating them cost the banks tens of millions of dollars.
The disruptions were considered a major escalation in a cyberwar between the two countries, which was started by Americans early in the Obama presidency by using a sophisticated computer worm Stuxnet to disrupt an Iranian nuclear reactor. In 2013, the United States found the bank hackers inside the control system of a small dam outside New York City, which played no key significance in US waterways. Anyway, the intrusion put the US on alert because it demonstrated Iran was capable of hacking into infrastructure control systems.
The US investigators were discouraged from charging the hackers because the United States tried to negotiate a treaty governing its nuclear program. Moreover, US officials admitted that such cyber attacks from Iran have been less common. The indictment was made public after the Bowman incident was disclosed in a December WSJ article. Since the accused are in Iran, it is unlikely they will ever appear in a US court, but the FBI hopes one of the defendants may travel for vacation or education to a country more friendly to the United States.